SSH with ed25519
NIIBE Yutaka
gniibe at fsij.org
Wed Aug 12 15:46:27 CEST 2015
Hello,
I forgot when I tested OpenSSH with Ed25519, but it worked at that
time. Today, I needed a patch like this:
diff --git a/agent/command-ssh.c b/agent/command-ssh.c
index 2a3037c..7526634 100644
--- a/agent/command-ssh.c
+++ b/agent/command-ssh.c
@@ -1964,6 +1964,11 @@ ssh_key_to_blob (gcry_sexp_t sexp, int with_secret,
err = gpg_error (GPG_ERR_INV_SEXP);
goto out;
}
+ if (data[0] == 0x40)
+ {
+ data++;
+ datalen--;
+ }
err = stream_write_string (stream, data, datalen);
if (err)
goto out;
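Review bot: the added test `if (data[0] == 0x40)` reads data[0] without first checking that datalen is non-zero, and it decides on the byte value alone, so any value that merely begins with 0x40 loses its first byte. As far as the visible lines show, nothing limits the strip to the EdDSA public point: the function also takes with_secret, and an unprefixed 32-byte Ed25519 key from an older keyring can legitimately start with 0x40. Consider stripping only when the key is EdDSA and the length shows the prefix is present (33 bytes for Ed25519, for example `if (datalen == 33 && data[0] == 0x40)`), and add a comment saying that 0x40 is the prefix byte introduced by the EdDSA format change and is not part of the SSH wire encoding.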
The above fix is not quite right (I think that always removing the
prefix is right), but I'm not sure if there are existing old keys.
In the git commit log, I found the following change. I think that after
this change, we need to remove the prefix when sending to SSH.
commit 557cc11a605dd280d03c52d8b546deed8c4c714d
Author: Werner Koch <wk at gnupg.org>
Date: Thu Jul 24 16:16:53 2014 +0200
gpg: Switch to an EdDSA format with prefix byte.
* g10/keygen.c (gen_ecc): Use "comp" for EdDSA.
--